The Big Muze
Green Employee

In search of Awareness for the Green Employee

By: Rick

I have arrived at a number of dead ends in my quest to determine if an environmental education program for corporate employees exists. It seems to me that an effective awareness (or orientation) online course on what it means to be a Green Employee would be the order of the day for most organizations seeking to move the enterprise to a new level of eco-friendliness. As with other enterprise awareness foundational programs, it seems that the time is right to get everyone speaking the same language, to enhance the awareness of the issues, and to be a catalyst in changing behaviour.

If it is out there, I can’t find it.

 

Rick

Information Security

‘Month-of’ disclosure projects under fire

By: Muze Blogger

Here is an excerpt from a recent SearchSecurity.com article that we found interesting…

If 2006 began the trend of researchers launching ‘month-of’ flaw disclosure projects, 2007 was the year such projects ceased amid a rising wave of criticism among those who thought it was more about ego than better security.

“Software vendors are notorious for taking months or years to produce a security patch,” said Metasploit Framework creator H.D. Moore, whose Month of Browser Bugs in July exposed 31 browser holes, most affecting Microsoft’s Internet Explorer. “The ‘Month-of’ projects put pressure on the vendor to address an issue in a reasonable amount of time. In my experience, nothing produces a patch faster than a published exploit.”

LMH, the researcher behind the Month of Kernel and Month of Apple bugs, said, “It’s better to have someone disclosing your security flaws than having them known by the bad guys, only. This pushes the vendor to change its procedures and policies for vulnerability handling and disclosure. And that’s where users benefit.”

But with the Month of Apple Bugs now underway, some security bloggers are criticizing the disclosure projects as something designed more for press attention than better security.

That’s not to say the critics don’t find some value in what the researchers are doing.

The Security Curve blog, for example, takes on the issue of press attention while still finding value in exposing Apple’s security holes.

The full article is here.